The Trade-off between Privacy and Fidelity via Ehrhart Theory

03/09/2018
by Arun Padakandla, et al.

As an increasing amount of data is gathered and stored in databases (DBs), the question arises of how to protect the privacy of individual records in a DB while still providing accurate answers to queries on the DB. Differential Privacy (DP) has gained acceptance as a framework to quantify the vulnerability of algorithms to privacy breaches. We consider the problem of how to sanitize an entire DB via a DP mechanism, on which unlimited further querying is then performed. While protecting privacy, it is important that the sanitized DB still provide accurate responses to queries. The central contribution of this work is to characterize the amount of information preserved by an optimal DP DB sanitizing mechanism (DSM). We precisely characterize the utility-privacy trade-off of mechanisms that sanitize DBs in the asymptotic regime of large DBs. We study this in an information-theoretic framework by modeling a generic distribution on the data and a measure of fidelity between the histograms of the original and sanitized DBs. We consider the popular L_1-distortion metric, which leads to a formulation as a linear program (LP). This optimization problem is prohibitively complex, with the number of constraints growing exponentially in the parameters of the problem. Leveraging tools from discrete geometry, analytic combinatorics, and duality theorems of optimization, we fully characterize the optimal solution in terms of a power series whose coefficients are the numbers of integer points in a multidimensional convex polytope studied by Ehrhart in 1967. Employing Ehrhart theory, we determine a simple, computable closed-form expression for the asymptotic growth of the optimal privacy-fidelity trade-off to infinite precision. At the heart of the findings is a deep connection between the minimum expected distortion and the Ehrhart series of an integral convex polytope.
